[Openid-specs-ab] Spec call notes 22-Sep-14

Mike Jones Michael.Jones at microsoft.com
Mon Sep 22 23:36:19 UTC 2014

Spec call notes 22-Sep-14

Mike Jones
Edmund Jay
John Bradley
A Matt Brown apparently tried to connect, but there was no audio from him
Nat Sakimura sent his regrets due to a Japanese holiday

               Spec reviews
               Open Issues
               October 27 OpenID Workshop
               Login for a specific user

Spec Reviews
               We started the 45 day Migration and Errata spec reviews last week
               Torsten sent in a bunch of comments on Migration
                              Those haven't been reviewed yet
                              Nat should make a determination whether any of them are recall-class comments

               Don and Roland are working on a term sheet for certification deliverables
                              It will get reviewed by the executive committee and the working group once it's reasonably complete
               Don is working on having Symantec get up the hosts for the certification test suite
               John recommends that software be tested as deployments for conformance to deployment profiles
                              You should be able to do all the tests with a single configuration
                              Some features may be mutually incompatible, which could be problematic

Open Issues
               There are no new open issues

October 27 OpenID Workshop
               The registration URL is https://openid-wg-oct-2014.eventbrite.com
                              More registrations have come in

Login for a specific user
               See the thread "[Openid-specs-ab] Limiting a login request to a specific user"
               John noted that there isn't a 1:1 mapping between login_hint values and subjects
               We can request specific sub values already using the "claims" request
               The semantics would be to constrain the subject to one relating to the login_hint value
               A "this_user=true" kind of parameter could work with either login_hint or id_token_hint
                              Or it could be called "limit_to_hint", etc.
               More discussion of this is requested on the mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20140922/b51ab695/attachment-0001.html>

More information about the Openid-specs-ab mailing list